CyberSec.Space Logo
Back to CVE Browser

CVE-2016-9564

HIGH
7.5
CVSS Severity Score
EPSS Score0.0980%
EPSS Percentile7.91th
PublishedNov 30, 2016
Last ModifiedMay 6, 2026

Vulnerability Description

Buffer overflow in send_redirect() in Boa Webserver 0.92r allows remote attackers to DoS via an HTTP GET request requesting a long URI with only '/' and '.' characters.

Affected Platforms (CPE)

πŸ“¦
Boa

Boa

= 0.92r

References & Advisories

πŸ”— http://www.ljcusack.io/cve-2016-9564-stack-based-buffer-overflow-in-boa-0-dot-92r
πŸ”— http://www.securityfocus.com/bid/94599
πŸ”— http://www.ljcusack.io/cve-2016-9564-stack-based-buffer-overflow-in-boa-0-dot-92r
πŸ”— http://www.securityfocus.com/bid/94599

Related Vulnerabilities

CVE-2007-491510.0

The Intersil isl3893 extensions for Boa 0.93.15, as used on the FreeLan RO80211G-AP and other devices, do not prevent stack writes...

CVE-2021-315779.8

In Boa, there is a possible escalation of privilege due to a missing permission check. This could lead to remote escalation of pri...

CVE-2018-210279.8

Boa through 0.94.14rc21 allows remote attackers to trigger an out-of-memory (OOM) condition because malloc is mishandled.

CVE-2021-353959.8

Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to con...